CVE-2022-1161
high-risk
Published 2022-04-11
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix control systems. Studio 5000 Logix Designer writes user-readable program code to a location separate from the executed compiled code, allowing an attacker to change one and not the other.
Do I need to act?
- 0.12% chance of exploitation (EPSS score: low exploit probability)
- Not on CISA KEV list: no confirmed active exploitation reported to CISA
- Patch status unknown: check vendor advisories for fix availability and mitigation guidance
CVSS 10.0/10 · Critical
NETWORK / LOW complexity
Affected Products (20)
Compactlogix 1768-L43 Firmware
Compactlogix 1768-L45 Firmware
Compactlogix 1769-L31 Firmware
Compactlogix 1769-L32C Firmware
Compactlogix 1769-L32E Firmware
Compactlogix 1769-L35Cr Firmware
Compactlogix 1769-L35E Firmware
Compactlogix 5370 L3 Firmware
Compactlogix 5370 L2 Firmware
Compactlogix 5370 L1 Firmware
Compactlogix 5380 Firmware
Compactlogix 5480 Firmware
Compact Guardlogix 5370 Firmware
Compact Guardlogix 5380 Firmware
Controllogix 5550 Firmware
Controllogix 5560 Firmware
Controllogix 5570 Firmware
Controllogix 5580 Firmware
Guardlogix 5560 Firmware
Guardlogix 5570 Firmware
Affected Vendors
References (2)
Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05
55 / 100 · high-risk
Severity: 33/34 · Critical
Exploitability: 1/34 · Minimal
Exposure: 21/34 · High